<?php
/**
*
* @package aspl
* @version $Id$
* @copyright &copy; 2011 b3rx Technologies
*
*/

/**
* @ignore
*/
define("IN_ASPL", true);
$aspl_root_path = (defined("ASPL_ROOT_PATH")) ? ASPL_ROOT_PATH : "./";
$phpEx = substr(strrchr(__FILE__, "."), 1);
include($aspl_root_path . "config." . $phpEx);

$error = "";

if( $_POST["login"] )
{
	
	if( !$_POST["user_login"] || !$_POST["user_password"] )
	{
		$error = "You cannot login without a username/password.";
	}
	else
	{
		$user_data = DB::queryFirstRow("SELECT * FROM aspl_user WHERE aspl_user_login = %s", $_POST['user_login']);
		
		if( count($user_data) < 1 )
		{
			$error = "You have specified an incorrect username/password. Please check your username/password and try again.";
		}

		$user_hash = hash( "sha256", $_POST["user_password"] );

		if( $user_hash != $user_data["aspl_user_password"] )
		{
			$error = "You have specified an incorrect username/password. Please check your username/password and try again.";
		}

		if ( !$error )
		{
			$_SESSION["logged_in"] = true;
			$_SESSION["user_login"] = $_POST["user_login"];

			header( "location:index." . $phpEx );	
		}
	}
}

switch($_GET["mode"])
{
	case "login":
		
		if ( !$_SESSION["logged_in"] )
		{
			$smarty->assign( "login", 1 );
		}
		break;
		
	case "logout":
	
		$_SESSION = array();
		
		$smarty->assign( "logout", 1 );
		break;
		
	default:
	
		break;
}

$smarty->assign( "page_title", "Login" );
$smarty->assign( "error", $error );
$smarty->display( "ucp.tpl" );

?>
